In Advance of New Massachusetts Privacy Law, Liquid Machines Offers Enterprise-Class Security Software to Mom-and-Pop Businesses
(Page 2 of 2)
runs on HR Knowledge’s servers rather than the end users’ own machines, as at Liquid Machines’ larger clients. The system adds control functions called “droplets” to programs such as Microsoft Office and Adobe Acrobat; these droplets allow administrators to set up policies determining who can read, edit, or print business files. HR Knowledge consultants help users learn the system, set up the appropriate policies, and produce the documentation required for compliance.
The service is priced at $125 per user per month, plus a one-time setup fee. A typical small company, Garr says, would have only one or two users, such as the bookkeeper or office manager. For a company on the scale of Xconomy—with about 10 employees—the yearly charges would come to around $3,000, he says. (Perhaps not coincidentally, that’s exactly in line with OCABR’s estimates for the average cost of complying with the new privacy laws.)
Ironically, Garr says HR Knowledge never really wanted to get into the software business. “We are an HR company, not an IT company,” he says. “Our job is to make sure that our clients are compliant, and up to now, compliance has meant things like having a sexual harassment policy and hiring and terminating employees properly. But with this new law, HR also means protecting electronic and hard-copy information about employees, and that’s really a key motivating factor for us. This is something we have to do to protect our clients.”
Companies have another nine months to comply with 201 CMR 17.00, and getting a new company up and running on Liquid Machines’ software only takes 8 to 12 hours of on-site training, Garr says. But he wouldn’t recommend putting compliance off, the way the state keeps doing by moving back the deadline. “Knowing what we know about what can happen if this personal information gets out,” says Garr, “I think it’s in everyone’s best interest to handle it now.”
Update, March 31, 2009: Utimaco, the Foxborough, MA- and Oberursel, Germany-based security company featured in my December story on the Massachusetts reguilations, today unveiled a nifty Compliance and Regulation Portal on the Web. It’s full of resources on how businesses can comply with shifting legal regulations concerning the privacy of personal data.